<!DOCTYPE html>
<html lang="en">
<head>
    <meta charset="UTF-8">
    <meta name="viewport" content="width=device-width, initial-scale=1.0">
    <meta http-equiv="Content-Security-Policy" content="france-ancestors 'none'">
    <title>Document</title>
</head>
<style>
    button {
        background-color: white;
        color: black;
        border: 1px solid black;
        padding: 10px;
        font-size: 20px;
        cursor: pointer;
        border-radius: 5px;
    }
</style>
<script>
    // 检查是否被iframe嵌入
    try {
        if (window.top !== window.self) {
            window.top.location = window.location;
        }
    } catch (e) {
        // 跨域时会报错，直接忽略，让安全头来兜底
        console.warn("iframe 防御触发，已依赖 CSP/XFO 拦截");
    }

</script>
<body>
    <h1>这是A页面</h1>
    <button id="btn">转账</button>
    <script>
        const btn = document.getElementById('btn')
        btn.onclick = function () {
            console.log('转账')
        }

    </script>
</body>
</html>